This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT -> this cannot be this hard

RevJoe,

you have to use the internal addresses in the packet filters.
DNAT happens before routing and filtering!

SNAT and masquerading happen after filtering,

This means, if you work with any kind of NAT you
have to use the "internal" addresses in packet
filter rules!!!

Maybe this link is useful
http://packetstorm.widexs.nl/UNIX/firewall/ipchains/netfilter/netfilter-HOWTO.html

regards
ollion

[ 21 February 2002: Message edited by: ollion ]

This thread was automatically locked due to age.

0 eTrust over 23 years ago in reply to squeeze

Slap yourself on the shoulder, squeeze! I simply overlooked this point. All the time, I thought the problem was related to the DNAT-function of the firewall. Now, with the gateway-settings changed, everything works fine! Well it's often a little thing causing BIG trouble... :-D

Thanks a lot!

eTrust
Cancel
Vote Up 0 Vote Down

Cancel